#!/bin/bash
# The following may be heavily borrowed from, if not 
# copied from, the NSA's December 20, 2007 "Guide to the 
# Secure Configuration of Red Hat Enterprise Linux 5, Revision 2"

# Title - disable SELINUX

#Initialize variables
export PRECHECK="checkService setroubleshoot off"
export QUESTION="Would you like to disable SELinux?"
export DESCRIPTION="setroubleshoot is a service which has complex functionality, which runs a daemon and uses IPC to distribute information which may be sensitive, or even to allow users to modify SELinux settings, and which does not yet implement real authentication mechanisms. This guide recommends disabling setroubleshoot and using the kernel audit functionality to monitor SELinux’s behavior."
export SOLUTION="chkconfig setroubleshoot off; yum -y erase setroubleshoot;" 